package com.lijunjie.platform.api.modules.sys.controller;


import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.lijunjie.platform.api.commons.BaseResponse;
import com.lijunjie.platform.api.modules.sys.entity.User;
import com.lijunjie.platform.api.modules.sys.service.IUserService;
import com.lijunjie.platform.api.utils.JWTUtil;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.UUID;

/**
 * <p>
 *  前端控制器
 * </p>
 *
 * @author lijunjie
 * @since 2019-12-27
 */
@RestController
@RequestMapping("/sys/user")
public class UserController {

    @Resource
    private IUserService userService;

    /**
     * @param user
     * @param response
     * @return
     */
    @PostMapping("/login")
    public Object login(User user, HttpServletResponse response){

        //获得用户主体
        Subject subject = SecurityUtils.getSubject();
        //用户名密码登录token
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
        //执行登录操作，调用处理UsernamePasswordToken的realm
        subject.login(token);

        //根据username获取user
        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("username",user.getUsername());
        queryWrapper.eq("is_enabled","1");
        User u = userService.getOne(queryWrapper);
        //登录成功后生成token,返回到前端
        String jwtToken = JWTUtil.sign(u.getId(),u.getPassword()+u.getJwtSecret());
        BaseResponse<Object> baseResponse = new BaseResponse<>();
        response.setHeader(JWTUtil.AUTH_HEADER, jwtToken);
        baseResponse.setCode(200);
        baseResponse.setMsg("登录成功！");
        return baseResponse;
    }

    @GetMapping("logout")
    public Object logout(HttpServletRequest request){
        //登出修改表中jwt_secret字段，强制token失效
        String header = request.getHeader(JWTUtil.AUTH_HEADER);
        String token = StringUtils.removeStart(header,JWTUtil.AUTH_TYPE);
        String userId = JWTUtil.getUserId(token);
        User user = new User();
        user.setId(userId);
        user.setJwtSecret(UUID.randomUUID().toString());
        userService.updateById(user);
        BaseResponse<Object> baseResponse = new BaseResponse<>();
        baseResponse.setCode(200);
        baseResponse.setMsg("注销成功！");
        return baseResponse;
    }

    @RequiresRoles("admin")
    @GetMapping("query")
    public Object query(User user){
        QueryWrapper<User> queryWrapper = new QueryWrapper<>(user);
        BaseResponse<Object> baseResponse = new BaseResponse<>();
        baseResponse.setCode(200);
        baseResponse.setMsg("查询成功！");
        baseResponse.setData(this.userService.list(queryWrapper));
        return baseResponse;
    }

    @PostMapping("add")
    public Object add(User user){
        user.setId("138a3660-1db5-11ea-bc8a-c85b7691f7dd");
        user.setUsername("test");
        userService.save(user);
        BaseResponse<Object> baseResponse = new BaseResponse<>();
        baseResponse.setCode(200);
        baseResponse.setMsg("新增成功！");
        return baseResponse;
    }
}

